148 matches found
CVE-2026-9386
A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument lang leads to os command injection. The attack may be performed from remote...
CVE-2026-9386
A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument lang leads to os command injection. The attack may be performed from remote...
CVE-2026-9386
A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument lang leads to os command injection. The attack may be performed from remote...
EUVD-2026-31546
A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument lang leads to os command injection. The attack may be performed from remote...
CVE-2026-9386 Totolink A8000RU Web Management cstecgi.cgi setLanguageCfg os command injection
A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument lang leads to os command injection. The attack may be performed from remote...
CVE-2026-9386
CVE-2026-9386 affects Totolink A8000RU Web Management Interface (version 7.1cu.643_b20200521). The vulnerability is in the /cgi-bin/cstecgi.cgi, function setLanguageCfg, where manipulating the lang argument enables an os command injection. The issue is exploitable remotely and a publicly availabl...
PT-2026-42955
A vulnerability was identified in Totolink A8000RU 7.1cu.643 b20200521. Impacted is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument lang leads to os command injection. The attack may be performed from remote...
CVE-2026-7720
A weakness has been identified in Totolink WA300 5.2cu.7112B20190227. The impacted element is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. This manipulation of the argument langType causes command injection. Remote exploitation of the attack ...
CVE-2026-7720 Totolink WA300 POST Request cstecgi.cgi setLanguageCfg command injection
A weakness has been identified in Totolink WA300 5.2cu.7112B20190227. The impacted element is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. This manipulation of the argument langType causes command injection. Remote exploitation of the attack ...
CVE-2026-7720 Totolink WA300 POST Request cstecgi.cgi setLanguageCfg command injection
A weakness has been identified in Totolink WA300 5.2cu.7112B20190227. The impacted element is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. This manipulation of the argument langType causes command injection. Remote exploitation of the attack ...
CVE-2026-7720
A weakness has been identified in Totolink WA300 5.2cu.7112B20190227. The impacted element is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. This manipulation of the argument langType causes command injection. Remote exploitation of the attack ...
TOTOLINK WA300 注入漏洞
TOTOLINK WA300 is a wireless access point produced by TOTOLINK, a Chinese company. The version 5.2cu.7112B20190227 of Totolink WA300 has a vulnerability caused by command injection. This vulnerability stems from the operation of the setLanguageCfg function in the POST Request Handler component’s...
CVE-2026-5676 Totolink A8000R cstecgi.cgi setLanguageCfg missing authentication
A vulnerability was identified in Totolink A8000R 5.9c.681B20180413. This issue affects the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument langType leads to missing authentication. The attack can be launched remotely. The exploit is publicly available...
CVE-2026-5676
A vulnerability was identified in Totolink A8000R 5.9c.681B20180413. This issue affects the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument langType leads to missing authentication. The attack can be launched remotely. The exploit is publicly available...
CVE-2026-5676 Totolink A8000R cstecgi.cgi setLanguageCfg missing authentication
A vulnerability was identified in Totolink A8000R 5.9c.681B20180413. This issue affects the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument langType leads to missing authentication. The attack can be launched remotely. The exploit is publicly available...
CVE-2023-45984
TOTOLINK X5000R V9.1.0u.6118B20201102 and TOTOLINK A7000R V9.1.0u.6115B20201022 was discovered to contain a stack overflow via the lang parameter in the function setLanguageCfg...
CVE-2025-12241
A vulnerability was detected in TOTOLINK A3300R 17.0.0cu.557B20221024. This impacts the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. The manipulation of the argument lang results in stack-based buffer overflow. It is possible to launch the atta...
CVE-2025-12241
TOTOLINK A3300R (firmware 17.0.0cu.557_B20221024) contains a stack-based buffer overflow in the POST Parameter Handler’s setLanguageCfg (parameter lang) in /cgi-bin/cstecgi.cgi. The issue allows remote code execution and remote impact with high severity (per CVE-2025-12241 descriptions across NVD...
EUVD-2022-47205
Malicious code in bioql PyPI...
EUVD-2023-50246
Malicious code in bioql PyPI...